When trying to connect to a XenDesktop 7.x and StoreFront 2.x based environment through NetScaler from an external Windows computer you could receive the following error upon finishing the Citrix Receiver initial wizard: Your account cannot be added using this server address:

If http is being used you have to change the Base URL to https and provide a corresponding server certificate for the underlying IIS web server and ensure it’s trusted by your NetScaler in case you use a certifcate signed by your own private CA.

Provide an appropiate server certificate for your IIS and change StoreFront’s Base URL according to CTX135050

Adjust all relevant NetScaler settings in terms of StoreFront, i.e. change URLs from http to https in all corresponding Session Profiles

Update 09/09/2015:

As stated in Citrix Discussions this issue has not been solved completely , yet. Therefore I had to investigate that problem further.

Several sources point out that this error message can have a bunch of different reasons, e.g.

the StoreFront’s Base URL not utilizing https

the StoreFront’s server certificate not being trusted by NetScaler

the corresponding NetScaler Gateway URL not being added to IE’s Trusted Sites Zone

the corresponding NetScaler Gateway’s server certificate not being trusted

In case your StoreFront server’s certificate has been issued by your own private CA make sure that NetScaler trusts the issuer of the server certificate, i.e. import the corresponding CA’s certificate into NetScaler.

In case your NetScaler Gateway’s server certificate has been issued by a private CA make sure the endpoint device fully trusts the issuer, i.e. import the corresponding CA’s certificate onto the endpoint device.